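<?php
/**
 * Account self-service handler for the logged-in user.
 *
 * POST btn=edit   : updates the caller's own row in `vartotojai` from the editc_* fields.
 * POST btn=delete : removes the caller's account and its dependent rows.
 *
 * The target account is always taken from $_SESSION['pajegos'], never from the request.
 *
 * NOTE(review): the mysql_* extension was removed in PHP 7.0. The connection is presumably
 * opened by config/config.php (not visible here), so moving to PDO or mysqli with prepared
 * statements has to start there.
 * NOTE(review): neither action carries an anti-CSRF token and the password change does not
 * ask for the current password. Both need matching changes in the form that posts here.
 */
include_once "config/config.php";
session_start();

$butonas = (isset($_POST['btn']) && is_string($_POST['btn'])) ? $_POST['btn'] : '';

if ($butonas === 'edit' || $butonas === 'delete') {
    // Without a logged-in user there is no account to act on. The original ran its queries
    // with an empty id in that case.
    if (!isset($_SESSION['pajegos'])
        || !is_scalar($_SESSION['pajegos'])
        || (string) $_SESSION['pajegos'] === ''
    ) {
        header('Location: userpage.php');
        exit;
    }

    // The id is server-side state, but it is still interpolated into SQL below, so escape it
    // like every other value. It is resolved before both branches: the delete branch used to
    // read an $id that was only ever assigned inside the edit branch.
    $id = mysql_real_escape_string((string) $_SESSION['pajegos']);
}

if ($butonas === 'edit') {
    // Read every text field the same way: a missing or non-string value (e.g. editc_vardas[]=x)
    // becomes '', everything else is escaped for use inside a quoted SQL literal.
    $fieldNames = array(
        'vardas', 'pavarde', 'login', 'kodas1', 'kodas2',
        'klausimas', 'atsakymas', 'email', 'tel', 'adresas',
    );
    $input = array();
    foreach ($fieldNames as $fieldName) {
        $postKey = 'editc_' . $fieldName;
        $raw = (isset($_POST[$postKey]) && is_string($_POST[$postKey])) ? $_POST[$postKey] : '';
        $input[$fieldName] = mysql_real_escape_string($raw);
    }

    $user_db = mysql_query("SELECT * FROM vartotojai WHERE vartotojai.id='$id'");
    $user = $user_db ? mysql_fetch_array($user_db) : false;
    if (!$user) {
        // Query failed or the account no longer exists; nothing to compare against or update.
        header('Location: userpage.php');
        exit;
    }

    // Collect all changes and send one UPDATE instead of one statement per column.
    // An unticked checkbox is simply absent from the request, hence empty().
    // NOTE(review): this lets a user set their own Enabled flag; confirm that is intended.
    $set = array("Enabled = '" . (empty($_POST['editc_enabled']) ? 0 : 1) . "'");

    // Plain-text columns: column name => input field.
    $plainColumns = array(
        'Vardas'           => 'vardas',
        'Pavarde'          => 'pavarde',
        'PasswordQuestion' => 'klausimas',
        'email'            => 'email',
        'Telefonas'        => 'tel',
        'Adresas'          => 'adresas',
    );
    foreach ($plainColumns as $column => $fieldName) {
        // Strict string comparison: with != PHP compares numeric strings as numbers, so
        // changing a phone number from "0123" to "123" was treated as "no change".
        if ($input[$fieldName] !== (string) $user[$column]) {
            $set[] = $column . " = '" . $input[$fieldName] . "'";
        }
    }

    // Hashed columns. The digests are computed over the escaped input exactly as before, so
    // they stay comparable with the values already stored.
    // NOTE(review): MD5 (with or without the fixed suffix) is not a password hash. Moving to
    // password_hash()/password_verify() needs a matching change in the login code.
    // An empty login or answer is skipped, mirroring the existing rule for the password
    // fields; otherwise md5('') would be written on every save that leaves the field blank.
    if ($input['login'] !== '') {
        $usrname = md5($input['login']);
        if ($usrname !== (string) $user['LoginName']) {
            $set[] = "LoginName = '$usrname'";
        }
    }
    if ($input['atsakymas'] !== '') {
        $answer = md5($input['atsakymas']);
        if ($answer !== (string) $user['PasswordAnswer']) {
            $set[] = "PasswordAnswer = '$answer'";
        }
    }
    if ($input['kodas1'] !== '' || $input['kodas2'] !== '') {
        $pass1 = md5($input['kodas1'] . '_zemuogiu_sode');
        $pass2 = md5($input['kodas2'] . '_zemuogiu_sode');

        // === rather than ==: two different digests that both look like "0e<digits>" compare
        // equal under ==, which would accept a mistyped confirmation.
        if ($pass1 === $pass2 && $pass1 !== (string) $user['Password']) {
            $set[] = "Password = '$pass1'";
        }
    }

    mysql_query('UPDATE vartotojai SET ' . implode(', ', $set) . " WHERE id='$id'");

    // NOTE(review): the original also sent userpage.php?error=6 / ?error=7 for an unchanged
    // login, password or e-mail, but the redirect below always replaced them. That effective
    // behaviour is kept; confirm whether those cases (and mismatched passwords) should
    // report an error instead.
    header('Location: userpage.php?editacc');
    exit;
} elseif ($butonas === 'delete') {
    // Dependent rows first, the account row last, so the order still works if the tables
    // are (or later become) linked by foreign keys.
    mysql_query("DELETE FROM saskaitos WHERE VartotojaiId ='$id'");
    mysql_query("DELETE FROM sutartys WHERE VartotojaiId='$id'");
    mysql_query("DELETE FROM vartotojuroles WHERE VartotojaiId ='$id'");
    mysql_query("DELETE FROM inestipinigai WHERE VartotojaiID ='$id'");
    mysql_query("DELETE FROM vartotojai WHERE id ='$id'");

    // The session would otherwise keep pointing at an account that no longer exists.
    $_SESSION = array();
    session_destroy();

    header('Location: userpage.php');
    exit;
}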